<?php
ob_start();
session_start();
include ("config.inc.php");
include ("jsonEncode.php");

// ausername and apassword sent from form
$ausername = '';
$apassword = '';
$ausername = mysql_real_escape_string($_GET['username']);
$apassword = mysql_real_escape_string($_GET['password']);

$sql    = "SELECT * FROM admin WHERE ausername='$ausername' AND apassword='$apassword' LIMIT 1";
$result = mysql_query($sql) or die(mysql_error());

$data   = mysql_fetch_array($result);
$count  = mysql_num_rows($result);

if($count==1){
	$_SESSION['ausername'] = $ausername;
	$_SESSION['apassword'] = $apassword;
	$_SESSION['admin_id']  = $data['a_id'];
	$a_id = $data['a_id'];
	$_SESSION['last_login'] = $data['last_login'];
	$query = "UPDATE admin SET last_login = Now() WHERE `a_id`= $a_id";
	mysql_query($query);
	//echo $query;
	$_SESSION['aloggedin'] = "1234";
	// valid
	$var = array('avalid' => 1, 'ausername' => $ausername, 'apassword' => $apassword);
	print php_json_encode($var);
}else{
	// invalid
	$var = array('avalid' => 0, 'ausername' => $ausername, 'apassword' => $apassword);
	print php_json_encode($var);
}
?>


